AWS Security Blog

Tag: Distributed teams

Build an end-to-end attribute-based access control strategy with AWS SSO and Okta

This blog post discusses the benefits of using an attribute-based access control (ABAC) strategy and also describes how to use ABAC with AWS Single Sign-On (AWS SSO) when you’re using Okta as an identity provider (IdP). Over the past two years, Amazon Web Services (AWS) has invested heavily in making ABAC available across the majority […]

Read More

How to delegate management of identity in AWS Single Sign-On

Note on May 13, 2022: AWS SSO supports two forms of delegation. One form is to delegate a member account where you can administer the service, which eliminates the requirement to sign in to the AWS Organizations management account for daily administrative work. See here: https://aws.amazon.com/about-aws/whats-new/2022/05/aws-sign-on-administer-delegated-member-account-in-organization/. The second form, which is covered in this blog, […]

Read More